Description
This is a follow-up on #130960 (comment):
For all hash algorithms (NEW with this PR):
malloc, malloc_with_params_and_key, malloc_with_key: may return NULL (out of memory)
copy: may return NULL (out of memory)
Full list from #130960 (comment)
For Hacl_Streaming_HMAC:
- malloc may return OutOfMemory, InvalidAlgorithm (e.g. requesting Blake2b_256 on an ARM machine), or Success
- reset may return InvalidLength (if trying to reset the state with a key of different length, this is not supported), or Success
- update: MaximumLengthExceeded or Success
- digest: OutOfMemory or Success
- copy: may return NULL (indicates out of memory)
For all hash algorithms (NEW with this PR):
- malloc, malloc_with_params_and_key, malloc_with_key: may return NULL (out of memory)
- copy: may return NULL (out of memory)
For SHA3/Keccak only:
- digest may return InvalidAlgorithm (if the algorithm is shake)
- squeeze may return InvalidAlgorithm (if the algorithm is not shake)
I think all of these can be handled as a followup, I just thought it would be good to have it in writing here so that you can decide which of these are worth checking for. The reason I brought up other hash algorithms is that, since you requested (or maybe @picnixz ?) proper out of memory handling in HACL*, we now may return NULL for other algorithms (like hash algorithms), meaning that this PR will introduce new possibly-NULL return values as a side-effect of updating the vendored copy of HACL*.
For the record, Python ignores MaximumLengthExceeded on the basis that this cannot happen in practice.